Spyware IE CID window
Solved
chronos790 (Posts: 14, Status: Member)
Hello, two days ago I picked up some spyware that makes casino-type pop-ups appear, opening via IE even though I never use it ...
I only use FF
The windows have a CID identifier.
If someone could help me identify my parasite and remove it, that would be great.
Thanks in advance.
Here is the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:07:33, on 02/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Windows\ASScrPro.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [HtmSite] "C:\ProgramData\upload axis axis.fyhqqv2"
O4 - HKCU\..\Run: [dog about manager team] "C:\ProgramData\amen sect base.83icw"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
25 replies
Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
https://sites.google.com/site/dcangeldark/changelog
· Double-click it to start the installation
· Then double-click the Lop S&D shortcut on your desktop
· Select the language you want, then choose Option 1 (Search)
· Wait until the scan finishes
· Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
Hi,
download Navilog:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
install it
choose option 1 and post your report here.
doesn't work either ...
here is what appears: https://www.imagevenue.com/view/o/?i=78083_2008-08-02_135316_122_197lo.jpg&h=img2110
Disable User Account Control (you will re-enable it after your disinfection):
- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click disable and confirm.
"Run as administrator".
Sorry for taking a while...
Here is the report
--------------------\\ Lop S&D 4.2.2-5 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : Aldric ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 02/08/2008 | 14:19:27,83 ] [ PC : PC-DE-ALDRIC ]
[ MAJ : 01-08-2008 | 01:40 ]
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[16/01/2008|20:45] C:\Users\Aldric\AppData\Local\{54777076-B070-4F23-AAEE-777F1A6792DD}
[30/05/2008|13:06] C:\Users\Aldric\AppData\Local\{B493C017-4AC8-4FE0-8022-2EAFBD578E6E}
[11/02/2008|19:54] C:\Users\Aldric\AppData\Local\{B734406A-61B5-4E1D-A964-81B07B93BB70}
[05/06/2008|18:53] C:\Users\Aldric\AppData\Local\{C98C229E-62B4-4551-B6D4-521A7B2D16EC}
[29/06/2008|20:45] C:\Users\Aldric\AppData\Local\Adobe
[17/01/2008|01:03] C:\Users\Aldric\AppData\Local\Ahead
[16/01/2008|20:03] C:\Users\Aldric\AppData\Local\Apple
[14/07/2008|23:15] C:\Users\Aldric\AppData\Local\Apple Computer
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Application Data
[26/07/2008|15:24] C:\Users\Aldric\AppData\Local\Cooliris
[15/06/2008|22:38] C:\Users\Aldric\AppData\Local\d3d9caps.dat
[02/08/2008|02:31] C:\Users\Aldric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[01/02/2008|02:04] C:\Users\Aldric\AppData\Local\eMule
[10/05/2008|17:21] C:\Users\Aldric\AppData\Local\GDIPFONTCACHEV1.DAT
[15/01/2008|23:54] C:\Users\Aldric\AppData\Local\Google
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Historique
[02/08/2008|14:05] C:\Users\Aldric\AppData\Local\IconCache.db
[29/05/2008|01:41] C:\Users\Aldric\AppData\Local\Installer5288
[29/05/2008|01:25] C:\Users\Aldric\AppData\Local\Installer5792
[25/03/2008|02:18] C:\Users\Aldric\AppData\Local\Microsoft
[15/01/2008|23:19] C:\Users\Aldric\AppData\Local\Microsoft Games
[16/07/2008|00:08] C:\Users\Aldric\AppData\Local\Microsoft Help
[19/01/2008|18:11] C:\Users\Aldric\AppData\Local\Mozilla
[16/01/2008|20:46] C:\Users\Aldric\AppData\Local\Pando
[02/08/2008|14:17] C:\Users\Aldric\AppData\Local\Temp
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Temporary Internet Files
[16/01/2008|21:14] C:\Users\Aldric\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[28/07/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Aldric.job
[02/08/2008 14:14][--ah-----] C:\Windows\tasks\SA.DAT
[02/08/2008 14:05][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[19/11/2007|10:31] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/05/2008|18:04] C:\ProgramData\Adobe
[30/07/2008|22:22] C:\ProgramData\amen sect base.83icw
[16/01/2008|20:02] C:\ProgramData\Apple
[16/01/2008|20:05] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[15/01/2008|20:53] C:\ProgramData\ASUS
[21/01/2008|01:30] C:\ProgramData\Azureus
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[30/07/2008|22:22] C:\ProgramData\Drv Audio Dog About
[25/07/2008|18:49] C:\ProgramData\DVD Shrink
[01/02/2008|02:04] C:\ProgramData\eMule
[02/11/2006|15:02] C:\ProgramData\Favorites
[31/07/2008|19:12] C:\ProgramData\FLEXnet
[15/01/2008|23:54] C:\ProgramData\Google
[19/11/2007|11:55] C:\ProgramData\Infineon
[15/01/2008|21:01] C:\ProgramData\LightScribe
[01/08/2008|14:45] C:\ProgramData\Microsoft
[16/07/2008|00:18] C:\ProgramData\Microsoft Help
[19/11/2007|10:32] C:\ProgramData\Nero
[31/07/2008|19:12] C:\ProgramData\P4G
[30/07/2008|22:22] C:\ProgramData\PureBiasBold
[02/11/2006|15:02] C:\ProgramData\Start Menu
[19/07/2008|01:17] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[30/07/2008|22:22] C:\ProgramData\upload axis axis.2nis4
[30/07/2008|22:22] C:\ProgramData\upload axis axis.fyhqqv2
[24/03/2008|22:51] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[19/11/2007|10:31] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[27/07/2008|18:34] C:\Program Files\Adobe
[19/11/2007|11:43] C:\Program Files\ASUS
[19/11/2007|11:25] C:\Program Files\ASUS Security Center
[19/11/2007|11:11] C:\Program Files\ATK Hotkey
[19/11/2007|11:12] C:\Program Files\ATKGFNEX
[19/11/2007|11:13] C:\Program Files\ATKOSD2
[17/07/2008|22:04] C:\Program Files\Azureus
[14/07/2008|23:05] C:\Program Files\Bonjour
[10/05/2008|16:56] C:\Program Files\Common Files
[19/11/2007|11:45] C:\Program Files\CSR
[01/08/2008|13:30] C:\Program Files\desktop.ini
[26/06/2008|22:12] C:\Program Files\DivX
[16/01/2008|20:41] C:\Program Files\DVD Shrink
[27/06/2008|19:02] C:\Program Files\eMule
[23/02/2008|02:21] C:\Program Files\FastStone Capture
[19/11/2007|11:24] C:\Program Files\Fingerprint Sensor
[31/07/2008|19:36] C:\Program Files\Google
[19/11/2007|11:55] C:\Program Files\Infineon
[19/11/2007|11:45] C:\Program Files\InstallShield Installation Information
[19/11/2007|11:38] C:\Program Files\Intel
[01/08/2008|02:22] C:\Program Files\Internet Explorer
[15/01/2008|23:41] C:\Program Files\Inventel
[14/07/2008|23:08] C:\Program Files\iPod
[14/07/2008|23:08] C:\Program Files\iTunes
[16/01/2008|20:39] C:\Program Files\IZArc
[14/07/2008|23:27] C:\Program Files\Java
[02/08/2008|13:43] C:\Program Files\Lopxp
[19/01/2008|00:53] C:\Program Files\Media Player Classic
[16/01/2008|19:59] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[19/11/2007|10:30] C:\Program Files\Microsoft Office
[19/11/2007|10:30] C:\Program Files\Microsoft Visual Studio
[19/11/2007|10:30] C:\Program Files\Microsoft Works
[19/11/2007|10:29] C:\Program Files\Microsoft.NET
[19/11/2007|10:19] C:\Program Files\Motorola
[01/08/2008|02:22] C:\Program Files\Movie Maker
[17/07/2008|00:13] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[18/04/2007|10:43] C:\Program Files\MSXML 4.0
[02/08/2008|13:34] C:\Program Files\Navilog1
[19/11/2007|10:32] C:\Program Files\Nero
[29/07/2008|18:41] C:\Program Files\Norton Internet Security
[19/01/2008|16:08] C:\Program Files\OrangeHSS
[19/11/2007|11:40] C:\Program Files\P4G
[05/06/2008|18:54] C:\Program Files\Pando Networks
[19/11/2007|11:40] C:\Program Files\Power4Gear eXtreme
[19/11/2007|11:44] C:\Program Files\PowerForPhone
[14/07/2008|23:04] C:\Program Files\QuickTime
[19/01/2008|18:38] C:\Program Files\Real
[19/11/2007|11:09] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[15/01/2008|23:41] C:\Program Files\Securitoo
[19/11/2007|11:18] C:\Program Files\Symantec
[19/11/2007|11:43] C:\Program Files\Synaptics
[01/02/2008|22:25] C:\Program Files\Total Video Converter
[02/08/2008|13:06] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/01/2008|20:38] C:\Program Files\VideoLAN
[19/01/2008|00:43] C:\Program Files\VistaCodecPack
[19/01/2008|15:46] C:\Program Files\Wanadoo
[01/08/2008|02:22] C:\Program Files\Windows Calendar
[01/08/2008|02:21] C:\Program Files\Windows Collaboration
[01/08/2008|02:21] C:\Program Files\Windows Defender
[01/08/2008|02:21] C:\Program Files\Windows Journal
[24/03/2008|22:59] C:\Program Files\Windows Live
[01/08/2008|02:22] C:\Program Files\Windows Mail
[01/08/2008|02:22] C:\Program Files\Windows Media Player
[02/11/2006|14:37] C:\Program Files\Windows NT
[01/08/2008|02:21] C:\Program Files\Windows Photo Gallery
[01/08/2008|02:22] C:\Program Files\Windows Sidebar
[19/01/2008|21:02] C:\Program Files\WinRAR
[19/11/2007|11:28] C:\Program Files\Wireless Console 2
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[10/05/2008|18:04] C:\Program Files\Common Files\Adobe
[19/11/2007|10:34] C:\Program Files\Common Files\Ahead
[16/01/2008|20:02] C:\Program Files\Common Files\Apple
[19/11/2007|10:30] C:\Program Files\Common Files\DESIGNER
[19/01/2008|15:58] C:\Program Files\Common Files\France Telecom
[19/11/2007|11:21] C:\Program Files\Common Files\InstallShield
[19/01/2008|18:31] C:\Program Files\Common Files\Java
[19/11/2007|10:34] C:\Program Files\Common Files\LightScribe
[10/05/2008|16:56] C:\Program Files\Common Files\Macrovision Shared
[16/07/2008|00:07] C:\Program Files\Common Files\microsoft shared
[20/01/2008|04:21] C:\Program Files\Common Files\PX Storage Engine
[19/01/2008|18:39] C:\Program Files\Common Files\Real
[31/07/2008|19:12] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[14/07/2008|23:28] C:\Program Files\Common Files\Symantec Shared
[01/08/2008|02:21] C:\Program Files\Common Files\System
[24/03/2008|22:58] C:\Program Files\Common Files\WindowsLiveInstaller
[19/01/2008|18:39] C:\Program Files\Common Files\xing shared
--------------------\\ Process
( 97 Processus )
iexplore.exe ~ [516]
iexplore.exe ~ [904]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\amen sect base.83icw
C:\ProgramData\upload axis axis.2nis4
C:\ProgramData\upload axis axis.fyhqqv2
C:\Users\Aldric\AppData\Local\Temp\bis4241.exe
C:\ProgramData\PUREBI~1
C:\ProgramData\PUREBI~1\izzjaets.exe
C:\ProgramData\PUREBI~1\SupportLoad.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Drv Audio Dog About
C:\ProgramData\Drv Audio Dog About\roam intra.exe
C:\Users\Aldric\AppData\Local\Temp\3wPlayer.zip
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lovegreatinside]
"DisplayName"="CiD Help"
"UninstallString"="C:\\PROGRA~2\\PUREBI~1\\SupportLoad.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dog about manager team"="\"C:\\ProgramData\\amen sect base.83icw\""
"HtmSite"="\"C:\\ProgramData\\upload axis axis.fyhqqv2\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-02 14:09:50
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-02 14:19:50
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:10612][D:707]-> C:\Users\Aldric\AppData\Local\Temp
[F:3][D:1]-> C:\Users\Aldric\AppData\Roaming\MICROS~1\Windows\Cookies
[F:4][D:4]-> C:\Users\Aldric\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:22][D:4]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 14:22:52,81
[ UAC => 1 ]
Here is the report
Run Lop S&D again
· This time choose Option 2 ( Suppression )
· Do not close the window during the removal!
· Post the generated report ( C:\lopR.txt )
( If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm )
Here it is
--------------------\\ Lop S&D 4.2.2-5 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : Aldric ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 02/08/2008 | 18:54:41,82 ] [ PC : PC-DE-ALDRIC ]
[ MAJ : 01-08-2008 | 01:40 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Echec ! - C:\ProgramData\Drv Audio Dog About\roam intra.exe
Supprime! - C:\Users\Aldric\AppData\Local\Temp\3wPlayer.zip
Supprime! - C:\ProgramData\amen sect base.83icw
Supprime! - C:\ProgramData\upload axis axis.2nis4
Supprime! - C:\ProgramData\upload axis axis.fyhqqv2
Supprime! - C:\Users\Aldric\AppData\Local\Temp\bis4241.exe
Supprime! - C:\ProgramData\PUREBI~1\izzjaets.exe
Supprime! - C:\ProgramData\PUREBI~1\SupportLoad.exe
Echec ! - C:\ProgramData\Drv Audio Dog About
Supprime! - C:\ProgramData\PUREBI~1
Restauré! - Fichier Hosts
\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////
Echec ! - C:\ProgramData\Drv Audio Dog About\roam intra.exe
Echec ! - C:\ProgramData\Drv Audio Dog About
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[16/01/2008|20:45] C:\Users\Aldric\AppData\Local\{54777076-B070-4F23-AAEE-777F1A6792DD}
[30/05/2008|13:06] C:\Users\Aldric\AppData\Local\{B493C017-4AC8-4FE0-8022-2EAFBD578E6E}
[11/02/2008|19:54] C:\Users\Aldric\AppData\Local\{B734406A-61B5-4E1D-A964-81B07B93BB70}
[05/06/2008|18:53] C:\Users\Aldric\AppData\Local\{C98C229E-62B4-4551-B6D4-521A7B2D16EC}
[29/06/2008|20:45] C:\Users\Aldric\AppData\Local\Adobe
[17/01/2008|01:03] C:\Users\Aldric\AppData\Local\Ahead
[16/01/2008|20:03] C:\Users\Aldric\AppData\Local\Apple
[14/07/2008|23:15] C:\Users\Aldric\AppData\Local\Apple Computer
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Application Data
[26/07/2008|15:24] C:\Users\Aldric\AppData\Local\Cooliris
[15/06/2008|22:38] C:\Users\Aldric\AppData\Local\d3d9caps.dat
[02/08/2008|17:29] C:\Users\Aldric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[01/02/2008|02:04] C:\Users\Aldric\AppData\Local\eMule
[10/05/2008|17:21] C:\Users\Aldric\AppData\Local\GDIPFONTCACHEV1.DAT
[15/01/2008|23:54] C:\Users\Aldric\AppData\Local\Google
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Historique
[02/08/2008|14:59] C:\Users\Aldric\AppData\Local\IconCache.db
[29/05/2008|01:41] C:\Users\Aldric\AppData\Local\Installer5288
[29/05/2008|01:25] C:\Users\Aldric\AppData\Local\Installer5792
[25/03/2008|02:18] C:\Users\Aldric\AppData\Local\Microsoft
[15/01/2008|23:19] C:\Users\Aldric\AppData\Local\Microsoft Games
[16/07/2008|00:08] C:\Users\Aldric\AppData\Local\Microsoft Help
[19/01/2008|18:11] C:\Users\Aldric\AppData\Local\Mozilla
[16/01/2008|20:46] C:\Users\Aldric\AppData\Local\Pando
[02/08/2008|18:55] C:\Users\Aldric\AppData\Local\Temp
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Temporary Internet Files
[16/01/2008|21:14] C:\Users\Aldric\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[28/07/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Aldric.job
[02/08/2008 15:00][--ah-----] C:\Windows\tasks\SA.DAT
[02/08/2008 14:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[19/11/2007|10:31] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/05/2008|18:04] C:\ProgramData\Adobe
[16/01/2008|20:02] C:\ProgramData\Apple
[16/01/2008|20:05] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[15/01/2008|20:53] C:\ProgramData\ASUS
[21/01/2008|01:30] C:\ProgramData\Azureus
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[30/07/2008|22:22] C:\ProgramData\Drv Audio Dog About
[25/07/2008|18:49] C:\ProgramData\DVD Shrink
[01/02/2008|02:04] C:\ProgramData\eMule
[02/11/2006|15:02] C:\ProgramData\Favorites
[31/07/2008|19:12] C:\ProgramData\FLEXnet
[15/01/2008|23:54] C:\ProgramData\Google
[19/11/2007|11:55] C:\ProgramData\Infineon
[15/01/2008|21:01] C:\ProgramData\LightScribe
[01/08/2008|14:45] C:\ProgramData\Microsoft
[16/07/2008|00:18] C:\ProgramData\Microsoft Help
[19/11/2007|10:32] C:\ProgramData\Nero
[31/07/2008|19:12] C:\ProgramData\P4G
[02/11/2006|15:02] C:\ProgramData\Start Menu
[19/07/2008|01:17] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[24/03/2008|22:51] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[19/11/2007|10:31] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[27/07/2008|18:34] C:\Program Files\Adobe
[19/11/2007|11:43] C:\Program Files\ASUS
[19/11/2007|11:25] C:\Program Files\ASUS Security Center
[19/11/2007|11:11] C:\Program Files\ATK Hotkey
[19/11/2007|11:12] C:\Program Files\ATKGFNEX
[19/11/2007|11:13] C:\Program Files\ATKOSD2
[17/07/2008|22:04] C:\Program Files\Azureus
[14/07/2008|23:05] C:\Program Files\Bonjour
[10/05/2008|16:56] C:\Program Files\Common Files
[19/11/2007|11:45] C:\Program Files\CSR
[01/08/2008|13:30] C:\Program Files\desktop.ini
[26/06/2008|22:12] C:\Program Files\DivX
[16/01/2008|20:41] C:\Program Files\DVD Shrink
[27/06/2008|19:02] C:\Program Files\eMule
[23/02/2008|02:21] C:\Program Files\FastStone Capture
[19/11/2007|11:24] C:\Program Files\Fingerprint Sensor
[31/07/2008|19:36] C:\Program Files\Google
[19/11/2007|11:55] C:\Program Files\Infineon
[19/11/2007|11:45] C:\Program Files\InstallShield Installation Information
[19/11/2007|11:38] C:\Program Files\Intel
[01/08/2008|02:22] C:\Program Files\Internet Explorer
[15/01/2008|23:41] C:\Program Files\Inventel
[14/07/2008|23:08] C:\Program Files\iPod
[14/07/2008|23:08] C:\Program Files\iTunes
[16/01/2008|20:39] C:\Program Files\IZArc
[14/07/2008|23:27] C:\Program Files\Java
[02/08/2008|13:43] C:\Program Files\Lopxp
[19/01/2008|00:53] C:\Program Files\Media Player Classic
[16/01/2008|19:59] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[19/11/2007|10:30] C:\Program Files\Microsoft Office
[19/11/2007|10:30] C:\Program Files\Microsoft Visual Studio
[19/11/2007|10:30] C:\Program Files\Microsoft Works
[19/11/2007|10:29] C:\Program Files\Microsoft.NET
[19/11/2007|10:19] C:\Program Files\Motorola
[01/08/2008|02:22] C:\Program Files\Movie Maker
[17/07/2008|00:13] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[18/04/2007|10:43] C:\Program Files\MSXML 4.0
[02/08/2008|13:34] C:\Program Files\Navilog1
[19/11/2007|10:32] C:\Program Files\Nero
[29/07/2008|18:41] C:\Program Files\Norton Internet Security
[19/01/2008|16:08] C:\Program Files\OrangeHSS
[19/11/2007|11:40] C:\Program Files\P4G
[05/06/2008|18:54] C:\Program Files\Pando Networks
[19/11/2007|11:40] C:\Program Files\Power4Gear eXtreme
[19/11/2007|11:44] C:\Program Files\PowerForPhone
[14/07/2008|23:04] C:\Program Files\QuickTime
[19/01/2008|18:38] C:\Program Files\Real
[19/11/2007|11:09] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[15/01/2008|23:41] C:\Program Files\Securitoo
[19/11/2007|11:18] C:\Program Files\Symantec
[19/11/2007|11:43] C:\Program Files\Synaptics
[01/02/2008|22:25] C:\Program Files\Total Video Converter
[02/08/2008|13:06] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/01/2008|20:38] C:\Program Files\VideoLAN
[19/01/2008|00:43] C:\Program Files\VistaCodecPack
[19/01/2008|15:46] C:\Program Files\Wanadoo
[01/08/2008|02:22] C:\Program Files\Windows Calendar
[01/08/2008|02:21] C:\Program Files\Windows Collaboration
[01/08/2008|02:21] C:\Program Files\Windows Defender
[01/08/2008|02:21] C:\Program Files\Windows Journal
[24/03/2008|22:59] C:\Program Files\Windows Live
[01/08/2008|02:22] C:\Program Files\Windows Mail
[01/08/2008|02:22] C:\Program Files\Windows Media Player
[02/11/2006|14:37] C:\Program Files\Windows NT
[01/08/2008|02:21] C:\Program Files\Windows Photo Gallery
[01/08/2008|02:22] C:\Program Files\Windows Sidebar
[19/01/2008|21:02] C:\Program Files\WinRAR
[19/11/2007|11:28] C:\Program Files\Wireless Console 2
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[10/05/2008|18:04] C:\Program Files\Common Files\Adobe
[19/11/2007|10:34] C:\Program Files\Common Files\Ahead
[16/01/2008|20:02] C:\Program Files\Common Files\Apple
[19/11/2007|10:30] C:\Program Files\Common Files\DESIGNER
[19/01/2008|15:58] C:\Program Files\Common Files\France Telecom
[19/11/2007|11:21] C:\Program Files\Common Files\InstallShield
[19/01/2008|18:31] C:\Program Files\Common Files\Java
[19/11/2007|10:34] C:\Program Files\Common Files\LightScribe
[10/05/2008|16:56] C:\Program Files\Common Files\Macrovision Shared
[16/07/2008|00:07] C:\Program Files\Common Files\microsoft shared
[20/01/2008|04:21] C:\Program Files\Common Files\PX Storage Engine
[19/01/2008|18:39] C:\Program Files\Common Files\Real
[31/07/2008|19:12] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[14/07/2008|23:28] C:\Program Files\Common Files\Symantec Shared
[01/08/2008|02:21] C:\Program Files\Common Files\System
[24/03/2008|22:58] C:\Program Files\Common Files\WindowsLiveInstaller
[19/01/2008|18:39] C:\Program Files\Common Files\xing shared
--------------------\\ Process
( 93 Processus )
iexplore.exe ~ [5736]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Drv Audio Dog About
C:\ProgramData\Drv Audio Dog About\roam intra.exe
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-02 18:55:28
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:10610][D:707]-> C:\Users\Aldric\AppData\Local\Temp
[F:3][D:1]-> C:\Users\Aldric\AppData\Roaming\MICROS~1\Windows\Cookies
[F:19][D:4]-> C:\Users\Aldric\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:20][D:4]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 18:57:18,04
[ UAC => 1 ]
There you go!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:13, on 02/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Windows\ASScrPro.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
If you could also tell me what all of that did, that would be nice!
So that I'm not completely clueless if a similar problem comes up again, lol
For the ads? You must have gone somewhere and picked up some junk...
Tell me, did you buy Norton??
It was already installed!
I know Norton isn't great, but still... I hadn't had any problems until now...
On my old computer I had Panda: http://www.antivirus-2008-fr.com/panda/v2/default.asp?PID=0c547111-983d-475a-863c-32bc5788522a&gclid=COKw58bv75QCFQpatAodHHAuXg
Good!
For now I don't have any more problems, those damn windows no longer appear ^_^
Thank you VERY MUCH for your help.
Have a good weekend and a good holiday, if you haven't taken it yet.
Re
Norton also takes up a lot of space,
· Download ToolsCleaner by A.Roshtein to your Desktop (from one of the 2 links).
http://pc-system.fr/
· Click "Recherche" (Search) and let the scan finish.
· Click "Suppression" (Removal) to finalize.
· You can, if you wish, use the "Options facultatives" (optional settings).
· Click "Quitter" (Quit) so that the report can be created.
· Post me the report (TCleaner.txt), which is located at the root of your hard drive (C:\).
It seems this directory was not deleted:
Echec ! - C:\ProgramData\Drv Audio Dog About\roam intra.exe
Echec ! - C:\ProgramData\Drv Audio Dog About
Yes!
Yesterday after the procedure everything was fine, and since this morning I have those damn windows again... GRRRRRR
How do I remove them for good?
Run a new LopSD scan -> removal option, and in safe mode.
When it's finished, post the report so we can see.
Safe mode, is that number 1?
--------------------\\ Lop S&D 4.2.2-5 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : Aldric ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 03/08/2008 | 15:07:45,14 ] [ PC : PC-DE-ALDRIC ]
[ MAJ : 01-08-2008 | 01:40 ]
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[16/01/2008|20:45] C:\Users\Aldric\AppData\Local\{54777076-B070-4F23-AAEE-777F1A6792DD}
[30/05/2008|13:06] C:\Users\Aldric\AppData\Local\{B493C017-4AC8-4FE0-8022-2EAFBD578E6E}
[11/02/2008|19:54] C:\Users\Aldric\AppData\Local\{B734406A-61B5-4E1D-A964-81B07B93BB70}
[05/06/2008|18:53] C:\Users\Aldric\AppData\Local\{C98C229E-62B4-4551-B6D4-521A7B2D16EC}
[29/06/2008|20:45] C:\Users\Aldric\AppData\Local\Adobe
[17/01/2008|01:03] C:\Users\Aldric\AppData\Local\Ahead
[16/01/2008|20:03] C:\Users\Aldric\AppData\Local\Apple
[14/07/2008|23:15] C:\Users\Aldric\AppData\Local\Apple Computer
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Application Data
[26/07/2008|15:24] C:\Users\Aldric\AppData\Local\Cooliris
[15/06/2008|22:38] C:\Users\Aldric\AppData\Local\d3d9caps.dat
[03/08/2008|01:29] C:\Users\Aldric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[01/02/2008|02:04] C:\Users\Aldric\AppData\Local\eMule
[10/05/2008|17:21] C:\Users\Aldric\AppData\Local\GDIPFONTCACHEV1.DAT
[15/01/2008|23:54] C:\Users\Aldric\AppData\Local\Google
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Historique
[03/08/2008|13:02] C:\Users\Aldric\AppData\Local\IconCache.db
[29/05/2008|01:41] C:\Users\Aldric\AppData\Local\Installer5288
[29/05/2008|01:25] C:\Users\Aldric\AppData\Local\Installer5792
[25/03/2008|02:18] C:\Users\Aldric\AppData\Local\Microsoft
[15/01/2008|23:19] C:\Users\Aldric\AppData\Local\Microsoft Games
[16/07/2008|00:08] C:\Users\Aldric\AppData\Local\Microsoft Help
[19/01/2008|18:11] C:\Users\Aldric\AppData\Local\Mozilla
[16/01/2008|20:46] C:\Users\Aldric\AppData\Local\Pando
[03/08/2008|15:07] C:\Users\Aldric\AppData\Local\Temp
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Temporary Internet Files
[16/01/2008|21:14] C:\Users\Aldric\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[28/07/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Aldric.job
[03/08/2008 15:07][--ah-----] C:\Windows\tasks\SA.DAT
[03/08/2008 15:06][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[19/11/2007|10:31] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/05/2008|18:04] C:\ProgramData\Adobe
[16/01/2008|20:02] C:\ProgramData\Apple
[16/01/2008|20:05] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[15/01/2008|20:53] C:\ProgramData\ASUS
[21/01/2008|01:30] C:\ProgramData\Azureus
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[25/07/2008|18:49] C:\ProgramData\DVD Shrink
[01/02/2008|02:04] C:\ProgramData\eMule
[02/11/2006|15:02] C:\ProgramData\Favorites
[31/07/2008|19:12] C:\ProgramData\FLEXnet
[15/01/2008|23:54] C:\ProgramData\Google
[19/11/2007|11:55] C:\ProgramData\Infineon
[15/01/2008|21:01] C:\ProgramData\LightScribe
[01/08/2008|14:45] C:\ProgramData\Microsoft
[16/07/2008|00:18] C:\ProgramData\Microsoft Help
[19/11/2007|10:32] C:\ProgramData\Nero
[31/07/2008|19:12] C:\ProgramData\P4G
[02/11/2006|15:02] C:\ProgramData\Start Menu
[19/07/2008|01:17] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[24/03/2008|22:51] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[19/11/2007|10:31] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[27/07/2008|18:34] C:\Program Files\Adobe
[19/11/2007|11:43] C:\Program Files\ASUS
[19/11/2007|11:25] C:\Program Files\ASUS Security Center
[19/11/2007|11:11] C:\Program Files\ATK Hotkey
[19/11/2007|11:12] C:\Program Files\ATKGFNEX
[19/11/2007|11:13] C:\Program Files\ATKOSD2
[17/07/2008|22:04] C:\Program Files\Azureus
[14/07/2008|23:05] C:\Program Files\Bonjour
[10/05/2008|16:56] C:\Program Files\Common Files
[19/11/2007|11:45] C:\Program Files\CSR
[01/08/2008|13:30] C:\Program Files\desktop.ini
[26/06/2008|22:12] C:\Program Files\DivX
[16/01/2008|20:41] C:\Program Files\DVD Shrink
[27/06/2008|19:02] C:\Program Files\eMule
[23/02/2008|02:21] C:\Program Files\FastStone Capture
[19/11/2007|11:24] C:\Program Files\Fingerprint Sensor
[31/07/2008|19:36] C:\Program Files\Google
[19/11/2007|11:55] C:\Program Files\Infineon
[19/11/2007|11:45] C:\Program Files\InstallShield Installation Information
[19/11/2007|11:38] C:\Program Files\Intel
[01/08/2008|02:22] C:\Program Files\Internet Explorer
[15/01/2008|23:41] C:\Program Files\Inventel
[14/07/2008|23:08] C:\Program Files\iPod
[14/07/2008|23:08] C:\Program Files\iTunes
[16/01/2008|20:39] C:\Program Files\IZArc
[14/07/2008|23:27] C:\Program Files\Java
[02/08/2008|13:43] C:\Program Files\Lopxp
[19/01/2008|00:53] C:\Program Files\Media Player Classic
[16/01/2008|19:59] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[19/11/2007|10:30] C:\Program Files\Microsoft Office
[19/11/2007|10:30] C:\Program Files\Microsoft Visual Studio
[19/11/2007|10:30] C:\Program Files\Microsoft Works
[19/11/2007|10:29] C:\Program Files\Microsoft.NET
[19/11/2007|10:19] C:\Program Files\Motorola
[01/08/2008|02:22] C:\Program Files\Movie Maker
[17/07/2008|00:13] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[18/04/2007|10:43] C:\Program Files\MSXML 4.0
[19/11/2007|10:32] C:\Program Files\Nero
[29/07/2008|18:41] C:\Program Files\Norton Internet Security
[19/01/2008|16:08] C:\Program Files\OrangeHSS
[19/11/2007|11:40] C:\Program Files\P4G
[05/06/2008|18:54] C:\Program Files\Pando Networks
[19/11/2007|11:40] C:\Program Files\Power4Gear eXtreme
[19/11/2007|11:44] C:\Program Files\PowerForPhone
[14/07/2008|23:04] C:\Program Files\QuickTime
[19/01/2008|18:38] C:\Program Files\Real
[19/11/2007|11:09] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[15/01/2008|23:41] C:\Program Files\Securitoo
[19/11/2007|11:18] C:\Program Files\Symantec
[19/11/2007|11:43] C:\Program Files\Synaptics
[01/02/2008|22:25] C:\Program Files\Total Video Converter
[02/08/2008|13:06] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/01/2008|20:38] C:\Program Files\VideoLAN
[19/01/2008|00:43] C:\Program Files\VistaCodecPack
[19/01/2008|15:46] C:\Program Files\Wanadoo
[01/08/2008|02:22] C:\Program Files\Windows Calendar
[01/08/2008|02:21] C:\Program Files\Windows Collaboration
[01/08/2008|02:21] C:\Program Files\Windows Defender
[01/08/2008|02:21] C:\Program Files\Windows Journal
[24/03/2008|22:59] C:\Program Files\Windows Live
[01/08/2008|02:22] C:\Program Files\Windows Mail
[01/08/2008|02:22] C:\Program Files\Windows Media Player
[02/11/2006|14:37] C:\Program Files\Windows NT
[01/08/2008|02:21] C:\Program Files\Windows Photo Gallery
[01/08/2008|02:22] C:\Program Files\Windows Sidebar
[19/01/2008|21:02] C:\Program Files\WinRAR
[19/11/2007|11:28] C:\Program Files\Wireless Console 2
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[10/05/2008|18:04] C:\Program Files\Common Files\Adobe
[19/11/2007|10:34] C:\Program Files\Common Files\Ahead
[16/01/2008|20:02] C:\Program Files\Common Files\Apple
[19/11/2007|10:30] C:\Program Files\Common Files\DESIGNER
[19/01/2008|15:58] C:\Program Files\Common Files\France Telecom
[19/11/2007|11:21] C:\Program Files\Common Files\InstallShield
[19/01/2008|18:31] C:\Program Files\Common Files\Java
[19/11/2007|10:34] C:\Program Files\Common Files\LightScribe
[10/05/2008|16:56] C:\Program Files\Common Files\Macrovision Shared
[16/07/2008|00:07] C:\Program Files\Common Files\microsoft shared
[20/01/2008|04:21] C:\Program Files\Common Files\PX Storage Engine
[19/01/2008|18:39] C:\Program Files\Common Files\Real
[31/07/2008|19:12] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[14/07/2008|23:28] C:\Program Files\Common Files\Symantec Shared
[01/08/2008|02:21] C:\Program Files\Common Files\System
[24/03/2008|22:58] C:\Program Files\Common Files\WindowsLiveInstaller
[19/01/2008|18:39] C:\Program Files\Common Files\xing shared
--------------------\\ Process
( 74 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 15:08:03
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:10627][D:709]-> C:\Users\Aldric\AppData\Local\Temp
[F:3][D:1]-> C:\Users\Aldric\AppData\Roaming\MICROS~1\Windows\Cookies
[F:46][D:4]-> C:\Users\Aldric\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:22][D:4]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 15:14:22,18
[ UAC => 1 ]
That looks good this time. Run this online scan: https://forum.pcastuces.com/sujet.asp?f=25&s=31584&page=1 then post the report when it has finished.